<?php
session_start();

// 如果检测到已登录，直接跳转至首页
if (isset($_SESSION["admin"])) {
    if ($_SESSION["admin"] == "1") {
        echo "<h4>账号替换</h4>";
    } else {
        header("Location:index.php");
        exit();
    }
}

if ($_POST) {
    require ("./core/conn.php");
    $username = $_POST['username'];
    $password = MD5(trim($_POST['password']));
    $check_result = mysqli_query($conn, "SELECT id, admin, himg FROM user WHERE username = '$username' AND password = '$password'");
    $array = mysqli_fetch_array($check_result);
    if ($array) {
        $_SESSION['uid'] = $array['id'];
        $_SESSION['username'] = $username;
        $_SESSION['admin'] = $array['admin'];
        $_SESSION['himg'] = $array['himg'];
        //header("Location: http://" . $_SERVER['HTTP_HOST'] . rtrim(dirname($_SERVER['PHP_SELF']), '/\\') . "/index.php");
        //echo htmlspecialchars_decode("ok");
        exit(htmlspecialchars_decode('ok'));
    } else {
        echo htmlspecialchars_decode('账号或密码错误！');
    }
}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script src="https://cdn.bootcss.com/jquery/3.3.1/jquery.min.js"></script>
<script src="js/ajax.in.js"></script>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
	<title>留言登录</title> <script language="JavaScript">

function InputCheck(form1)
{
  if (form1.password.value == "")
  {
    alert("请输入昵称。");
    form1.password.focus();
    return (false);
  }
  if (form1.password.value == "")
  {
    alert("请输入密码。");
    form1.password.focus();
    return (false);
  }
}
//--!>
</script>
</head>
<body>
	<h3>登录</h3>
	<p>
		<input type="button" onclick="window.location.href='index.php'"
			value="首页" />
	</p>
	<form id="form1" name="form1" method="post" action="Login"
		onSubmit="return InputCheck(this)">
		<p>
			<label for="username">昵 称:</label> <input id="username" type="text"
				name="username" />
		</p>
		<p>
			<label for="password">密 码:</label> <input id="password"
				name="password" type="password" />
		</p><input type="button" onclick="history.go(-1)"
			value="返回">
		<!-- <input type="submit" name="submit" value=" 确 定 " /> -->
		<button type="button" onclick="Login()">确定</button>
		&nbsp;&nbsp;&nbsp;&nbsp; <a href="sign.php">没有账号，注册</a>
	</form>
	<p><span id="printtext"></span></p>
</body>
</html>